Tyler Wright

Reputation: 825

Generating OpenAM tokens for a user

Let's say I have two applications, appA and appB. appA has a simple database authentication approach and appB uses ForgeRock's OpenAM. I want a user in appA to be able to SSO into appB. Because the username/password in appA is different than the creds in OpenDJ, I'm wanting to add a column to my user table in appA called external_user_id. I would then use this to generate a token to hand over to appB. I'm curious if there is a way in OpenAM to generate tokens for a user using only their username and not their password. If there was the idea of a serviceAdmin account that lets appA generate tokens based on just a username, that would be awesome, but I'm doubting that something like this exists. Is there something like this in OpenAM that I'm missing?

Upvotes: 0

Views: 267

Answers (1)

Peter Major

Reputation: 2995

The best way to tackle this kind of situation is to write a custom authentication module that would receive a session ID or a "secret" from appA, then validate it and issue a new session on the OpenAM domain, thus giving access to appB.

Upvotes: 0
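An added example, not part of the answer above and not OpenAM code: one way the "secret" from appA could be built and validated, so that a captured value cannot be forged, reused, or used after it expires. The token layout, the `appB` audience value, the key, and the function names are all assumptions made for illustration; it is written in Python, and an OpenAM authentication module would perform the same checks in Java before issuing the session.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed demo key; in practice a secret known only to appA and the module.
SHARED_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 60          # an assertion is only valid briefly
_seen_nonces = {}             # nonce -> expiry time, used to reject replays


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def issue_assertion(external_user_id, key=SHARED_KEY, now=None):
    """appA side: sign a short-lived, single-use statement about one user."""
    now = time.time() if now is None else now
    claims = {"sub": external_user_id, "exp": int(now) + MAX_AGE_SECONDS,
              "nonce": secrets.token_hex(16), "aud": "appB"}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    tag = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return body + "." + tag


def validate_assertion(token, key=SHARED_KEY, now=None):
    """Module side: return the username to log in, or None to reject."""
    now = time.time() if now is None else now
    try:
        body, tag = token.split(".")
        expected = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
        sub, exp, nonce = claims["sub"], claims["exp"], claims["nonce"]
        if claims["aud"] != "appB" or now >= exp:
            return None
    except (ValueError, KeyError, TypeError):
        return None
    # Drop expired nonces, then refuse any nonce that was already used once.
    for old in [n for n, e in _seen_nonces.items() if e <= now]:
        del _seen_nonces[old]
    if nonce in _seen_nonces:
        return None
    _seen_nonces[nonce] = exp
    return sub
```

The signature is checked before the payload is parsed, so unauthenticated input never reaches the JSON decoder. The in-memory nonce store only works for a single process; a clustered deployment would need a shared store.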
